The present invention relates to the field of software security and, more particularly, to mediated access of software dumped data through specialized analysis modules.
When determining a problem on a computing system, it is not uncommon to gather state information, memory information, and other pertinent system data for analysis. This information is aggregated in one or more software dump files (e.g., core dump, user dump, system dump, JAVA dump, service dump, etc.) when predetermined events/conditions of a computing system occur or at the command of a system administrator.
In many cases, software dump files can contain sensitive information and/or normally protected information taken from memory and system processes. This information is not protected in the software dump file, which frequently exists in a format that is able to be accessed by others without requiring authentication or any security key or certificate. That is, the content of the software dump files exists “in the clear” in an unencrypted, non-protected form. Many software forensic tools exist to extract meaning from such a dump file.
Recently, software vendors have begun bundling remote problem determination tools along with the provided software in an attempt to improve software quality. These tools, however, frequently send software dump data over unsecured channels to repository servers for later analysis, as shown in FIG. 1 (Prior Art). In FIG. 1 (Prior Art), a dump tool 116 executing on a computing device 110 can obtain data from processor 112 and memory 114 to be placed into a software dump 120. It is not uncommon that tool 116 gathers all available data from areas 112, 114. In these situations, software dump 120 can contain privileged information, such as personal information, which is often extraneous data not pertinent to the problem being diagnosed. As a result, software dump 120 can regularly include privileged data 123 and non-privileged data 124.
Frequently, a software dump 120 is conveyed over networks such as network 130 to a central location. In many instances, network 130 includes insecure networks such as the Internet, which can allow an attacker or observer to obtain privileged data 123. Once received by repository server 140, software dump data 120 can be stored in data store 144. In current manifestations, privileged data 123 is not well protected and can be inspected by any user/entity with access to software dump 120. In an extreme situation, an unauthorized user can initiate actions designed to trigger a software dump, which that user can then intercept and later analyze.
In many cases, the problems with data being conveyed in software dumps 120 involve more than individual unauthorized users/entities gaining access to the repository server 140. For instance, the computing device 110 can belong to a customer and the repository server 140 can belong to a software vendor. Often, the customer does not wish any agent of the software vendor to have access to privileged data 123, which is currently conveyed to data store 144 whenever a software dump 120 is sent.